PRIVACY ADVOCATES WORRY THAT ENCRYPTED DATA WILL BE LINKED TO THE INDIVIDUAL ARE UNFOUNDED DUE TO EXISTING INSTITUTIONAL NORMS

Helena Gail Rubinstein, Director of Policy Analysis and Program Development, Group Insurance Commission of the Commonwealth of Massachusetts; "If I Am Only for Myself, What Am I? A Communitarian Look at the Privacy Stalemate," American Journal of Law & Medicine, 1999, 25 Am. J. L. and Med. 203, EE2001-JGM, p.229-30

The obsession of some privacy advocates with the possibility that encrypted or anonymized data will be turned into identifiable data and be publicly released injects a red herring into the privacy debate. Even though it may be possible, in theory, for a medical or health policy researcher to identify a data subject from anonymized data, institutional norms already create a substantial disincentive for the researchers to do so. The enforcement provisions included in each of the U.S. Senate bills, [*230] which appear to be acceptable to the data user community, build on these institutional norms. Given the public good that results from health research and the existing disincentives against researcher misconduct, it is reasonable to grant researchers liberal access to health data without requiring further consent of the subject. The focus of regulation should be on data security, not control over access.

CRYPTOGRAPHY CONTROLS ARE IRRELEVANT -- IT IS ALREADY AVAILABLE

RANDOLPH COURT; technology policy analyst, Progressive Policy Institute, The New Democrat, February, 1999 / March, 1999; Pg. 30 TITLE: PUBLIC INTEREST IN PRIVATE MATTERS; The Search for Balance Between Privacy and the Common Good in the Cyber Age // acs-VT2001

But those points are at least partially moot because there are other forms of cryptography that don't use a public key system. They are readily available, so there's no way to stop determined criminals and terrorists from avoiding public key systems.

ENCRYPTION WORKS WELL IN THE CASE OF MEDICAL RECORDS

Ann Cavoukian, Commissioner of the Information and privacy Commission of Ontario, "The Promise of Privacy-Enhancing Technologies," VISIONS OF PRIVACY: Policy Choices for the Digital Age, 1999, EE2001 -JGM, p. 126-7

Take the example of someone receiving health benefits. The government needs to ensure that only those eligible to receive such benefits actually receive them, thereby minimizing fraud. People who are eligible for health benefits, however, should get what they are entitled to. So what is needed is confirmation of the fact that person A (who we have already determined is eligible for assistance) is in fact person A and not someone impersonating him. Biometric encryption can do that anonymously, without revealing the fact that person A is John Larking. So if A uses his benefits to obtain treatment for a sensitive medical condition, he should be able to do so privately, once his eligibility has been confirmed. No one needs to know that A is your neighbour John Larking who sought treatment for impotence on 23 July. But the insurer does need to be assured that A is eligible to receive the benefits in question and, equally important, that someone else cannot impersonate A and claim the same benefits.

ENCRYPTION TECHNOLOGY IS ESSENTIAL TO THE FUTURE OF WORLDWIDE NETWORKING

High-tech industry officials said encryption is important to the future of worldwide networking and is already widely available outside the United States. It is a vital element in protecting business dealings, retail transactions over the Internet, and the e-mail privacy, they said.